Gene6 FTP Server Multiple Command Overflow DoS

2006-05-03T05:32:37
ID OSVDB:25238
Type osvdb
Reporter Alexey Biznya (biakus@krw.ru)
Modified 2006-05-03T05:32:37

Description

Vulnerability Description

Gene6 FTP Server contains a flaw that may allow a remote denial of service. The issue is triggered by an error in the handling of the "MKD" and "XMKD" commands and results in loss of availability for the service.

Solution Description

Currently, there are no known upgrades, patches, or workarounds available to correct this issue.

Manual Testing Notes

MKD ~A/~A/~A/~A/~A/~A/~A [approximately 3000 bytes]

References:

Vendor URL: http://gene6.com/
Secunia Advisory ID: 19965
Nessus Plugin ID: 21324
Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2006-05/0054.html
ISS X-Force ID: 26237
FrSIRT Advisory: ADV-2006-1658
CVE-2006-2172
Bugtraq ID: 17810